❌

Reading view

What to Do When a Third-Party Data Breach Puts Your Website at Risk

What to Do When a Third-Party Data Breach Puts Your Website at Risk

Data breach notification letters have become a familiar routine. They usually start with β€œWe value your privacy” and offer a year of free credit monitoring. But the most important part is often hidden in the middle:

A list of what actually got out.

A leaked email address is not a leaked admin password. A hashed credential is not a session token. There is no universal post-breach checklist. The right response depends on the data exposed, so read the notice carefully and match your response to the level of exposure.

Continue reading What to Do When a Third-Party Data Breach Puts Your Website at Risk at Sucuri Blog.

  •  

Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?

Businesses are advised against paying – but many are prepared to deal to protect users’ privacy

After a week of outages, hundreds of millions of students’ data stolen, delayed assignment due dates and school login pages being defaced by hackers, the US tech firm Instructure – which operates the education platform Canvas, used by education providers worldwide – announced it had β€œreached an agreement with the unauthorised actor” behind the ransomware attack.

Experts read the careful language as a sign that a ransom has been paid. The company has not confirmed this.

Continue reading...

Β© Photograph: Boonchai Wedmakawand/Getty Images

Β© Photograph: Boonchai Wedmakawand/Getty Images

Β© Photograph: Boonchai Wedmakawand/Getty Images

  •  
❌